Data Privacy
Status: April 10, 2025
Table of Contents
Responsibility
Overview of Processing Activities
Applicable Legal Bases
Security Measures
Transfer of Personal Data
General Information on Data Storage and Deletion
Rights of Data Subjects
Provision of Online Services and Web Hosting
Use of Cookies
Contact and Inquiry Management
Social Media Presence
Plug-ins and Embedded Features and Content
Responsibility
Pia Struck
Ortsstraße 45
55411 Bingen
Germany
Email: pst@piastruck.de
Imprint: https://unternehmensinnovation.de/imprint
Overview of Processing Activities
This overview summarizes the types of personal data we process, the purposes for their processing, and the categories of affected individuals.
Types of Data Processed:
Inventory data
Contact data
Content data
Usage data
Meta, communication, and procedural data
Log data
Categories of Data Subjects:
Communication partners
Users
Purposes of Processing:
Fulfillment of contractual services and obligations
Communication
Security measures
Organizational and administrative procedures
Feedback
Provision of our online services and user experience
IT infrastructure
Public relations
Applicable Legal Bases
The following is an overview of the legal bases under the GDPR on which we process personal data. Note that national data protection laws of your or our residence or business location may also apply.
Consent (Art. 6(1)(a) GDPR): The data subject has given consent for a specific purpose.
Performance of a contract or pre-contractual inquiries (Art. 6(1)(b) GDPR): Processing is necessary to fulfill a contract or carry out pre-contractual steps.
Legitimate interests (Art. 6(1)(f) GDPR): Processing is necessary for our legitimate interests, unless overridden by the interests or fundamental rights and freedoms of the data subject.
German Data Protection Law (BDSG):
The German Federal Data Protection Act (BDSG) includes special provisions on rights of access, erasure, objection, special categories of personal data, processing for other purposes, and data transfers or automated decisions.
Swiss DSG Notice:
These privacy notices are provided under both the Swiss DSG and the EU GDPR. For broader applicability and clarity, we use GDPR terminology. However, terms such as “processing,” “legitimate interest,” and “special categories of data” are interpreted under Swiss law where applicable.
Security Measures
We implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk, considering the state of the art, implementation costs, type, scope, context, and purposes of processing, and the varying likelihood and severity of risks to individuals’ rights and freedoms.
Security measures include:
Protection of data confidentiality, integrity, and availability
Physical and digital access control
Data separation, deletion processes, and incident response
Privacy by design and by default in hardware/software selection
TLS/SSL Encryption (HTTPS):
We use TLS/SSL encryption to protect user data transmitted via our online services from unauthorized access. This ensures secure data exchange between the browser and the website.
Transfer of Personal Data
We may share personal data with third parties such as service providers or content providers integrated into our website. In such cases, we ensure compliance with legal requirements and conclude appropriate data processing agreements to protect your information.
General Information on Data Storage and Deletion
We delete personal data in accordance with legal requirements when consent is withdrawn or there is no longer a legal basis for processing.
Exceptions:
Legal retention requirements (e.g., tax or commercial law)
Legal claims or protection of rights
Retention Periods (Germany):
10 years: Financial records, annual accounts, inventories (§ 147 AO, § 257 HGB)
6 years: Business correspondence, salary records, etc.
3 years: Warranty and liability-related data (§§ 195, 199 BGB)
If multiple retention periods apply, the longest period is observed. If no start date is specified, the period begins at the end of the calendar year in which the triggering event occurred.
Rights of Data Subjects (GDPR)
You have the following rights under GDPR:
Right to object (Art. 21): Object to processing based on legitimate interest or for direct marketing.
Right to withdraw consent at any time.
Right of access (Art. 15): Learn whether your data is being processed and obtain a copy.
Right to rectification (Art. 16): Correct inaccurate or incomplete data.
Right to erasure (Art. 17): Request deletion under certain conditions.
Right to restriction of processing (Art. 18): Request restricted processing under specific circumstances.
Right to data portability (Art. 20): Receive data in a portable format or have it transferred to another controller.
Right to lodge a complaint with a supervisory authority (Art. 77).
Provision of Online Services and Web Hosting
We process user data to provide our online services. This includes the user’s IP address to deliver web content to their device.
Processed Data:
Usage data (e.g., pages visited, session duration)
Meta/communication data (e.g., IP address, timestamps)
Log data (e.g., access records, system messages)
Legal Basis: Legitimate interests (Art. 6(1)(f) GDPR)
Retention: See “General Information on Data Storage and Deletion”
Hosting Provider:
1&1 IONOS SE, Elgendorfer Str. 57, 56410 Montabaur, Germany
IONOS Privacy Policy
Use of Cookies
Cookies are small text files stored on users’ devices. They can be used for essential functionality, security, convenience, or visitor analysis.
Legal Basis:
Consent (Art. 6(1)(a) GDPR), when required
Legitimate interests (Art. 6(1)(f) GDPR), when essential
Types of Cookies:
Session cookies: Deleted after the browser is closed
Persistent cookies: Remain stored for up to 2 years
Cookie Management:
We use the Complianz consent management solution.
More info: Complianz Privacy Policy
Users can withdraw consent or adjust cookie preferences in their browser settings.
Contact and Inquiry Management
When you contact us (e.g., via email, form, phone), we process your data to respond to inquiries and requests.
Processed Data:
Contact details (name, email, phone, etc.)
Message content
Technical metadata (e.g., IP address, timestamps)
Legal Basis:
Contract performance (Art. 6(1)(b) GDPR)
Legitimate interests (Art. 6(1)(f) GDPR)
Social Media Presence
We maintain profiles on platforms like LinkedIn to communicate and provide information.
Please note: Data may be processed outside the EU and used for analytics or advertising. User profiles can be created and cookies stored for behavior tracking. Logged-in users may be linked across devices.
For more info and opt-out options, refer to the privacy policies of the respective platforms.
LinkedIn Joint Responsibility:
We are jointly responsible with LinkedIn Ireland for processing Page Insights data.
Privacy: LinkedIn Privacy Policy
Joint Controller Addendum: LinkedIn Agreement
Plug-ins and Embedded Features and Content
We embed third-party content (e.g., maps, videos, fonts) into our online services. These providers may process your IP address and device data to display the content.
Legal Basis:
Consent (Art. 6(1)(a) GDPR), if required
Legitimate interests (Art. 6(1)(f) GDPR), otherwise
Example: Google Fonts
Provider: Google Ireland Ltd.
Fonts are loaded via the Google Fonts API
Data such as browser type, screen resolution, language, and referring page may be sent
Created with free Datenschutz-Generator.de by Dr. Thomas Schwenke